WordPress versions 4.4.1 and earlier are affected by two security
issues: a possible Side Request Forgery Vulnerability for certain
local URIs, reported by Ronni Skansing; and an open redirection
attack, reported by Shailesh Suthar.
For Debian 6 Squeeze, these problems have been fixed in version
3.6.1+dfsg-1~deb6u9.
We recommend that you upgrade your wordpress packages.